Using NetFlow Auditor to assist in identifying Denial of Service Attack (August 2009).pdf

This Paper covers how denial of service attacks (DoS) and distributed denial of service attacks (DDos) can be identified early to mitigate and attack. We will reflect a method to alert when changes occur outside of learnt baselines and how new patterns can be recognized when security analysts have access to technology that provides high visibility of traffic from utilization, conversation, packet analysis, packet size distribution analysis and byte usage and standard deviation methods.